Andrew Williams's Projects
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
HTTP Archive's annual "State of the Web" report made by the web community
Digital Forensics Artifact Repository
A collection of red team and adversary emulation resources developed and released by MITRE.
A curated list of awesome forensic analysis tools and resources
A curated list of awesome malware analysis tools and resources.
The FLARE team's open-source tool to identify capabilities in executable files.
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
The official GitHub mirror of the Chromium source
ClamAV - Documentation is here: https://github.com/Cisco-Talos/clamav-documentation
ClamAV ByteCode Compiler
ClamAV Documentation
ClamAV FAQ
Seed Corpus for clamav-devel oss-fuzz integration.
Proof-of-Concept for a program to help people contribute to Snort/ClamAV
Asynchronous access to cookies from JavaScript
Chrome Developers
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter payloads
A CALDERA plugin for ATT&CK Evaluations Round 1
IDA Pro plugin to find crypto constants (and more)
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
HTML Standard
HTTP Extensions in progress
A list of IDA Plugins
LIEF - Library to Instrument Executable Formats
Tracks dependencies for Windows EXE and DLL PE-files (Portable Executable), resembles ldd from libc
pefile is a Python module to read and work with PE (Portable Executable) files